* Update Sphincs+ PQClean patch * Don't apply PQClean Dilithium and Kyber patches * Run copy_from_upstream; don't apply Dilithium and Kyber changes * Run HQC KATs with custom PRNG * Satisfy astyle * Add licence for common code * Fix CI build errors * Update HQC version, OQS version, and SOVERSION * Move HQC PRNG into test file * Satisfy astyle * Fix SHA3 link error * Reset HQC issues/passes * fixup! Fix SHA3 link error * fix kat_kem linkage to make HQC PR pass CI (#1601) * fix kat_kem linkage * remove armhf CI support * Revert "remove armhf CI support" This reverts commit af759bbf743bb3ecc2e7315cf10c1785e93bcc05. --------- Co-authored-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>
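# Algorithm datasheet for the Classic McEliece KEM: submitters, provenance,
# advisories, and (below) one entry per parameter set.
name: Classic McEliece
type: kem
principal-submitters:
- Daniel J. Bernstein
- Tung Chou
- Tanja Lange
- Ingo von Maurich
- Rafael Misoczki
- Ruben Niederhagen
- Edoardo Persichetti
- Christiane Peters
- Peter Schwabe
- Nicolas Sendrier
- Jakub Szefer
- Wen Wang
crypto-assumption: Niederreiter's dual version of McEliece's public key encryption
  using binary Goppa codes
website: https://classic.mceliece.org
nist-round: 3
# spec-version and upstream-ancestors name the same SUPERCOP release.
spec-version: SUPERCOP-20221025
upstream-ancestors:
- SUPERCOP-20221025 "clean" and "avx2" implementations
# Security caveats. The first entry names four parameter sets and a specific
# compiler/optimization combination; the second applies to the algorithm as a
# whole and matches the per-implementation flags below, where
# no-secret-dependent-branching is neither claimed nor valgrind-checked.
advisories:
- Classic-McEliece-460896, Classic-McEliece-460896f, Classic-McEliece-6960119, and
  Classic-McEliece-6960119f parameter sets fail memory leak testing on x86-64 when
  building with ``clang`` using optimization level ``-O2`` and ``-O3``. Care is advised
  when using the algorithm at higher optimization levels, and any other compiler and
  architecture.
- Current implementation of the algorithm may not be constant-time. Additionally,
  environment specific constant-time leaks may not be documented; please report potential
  constant-time leaks when found.
# Each entry lists claimed security, object lengths and the available
# implementations with their platform requirements.
parameter-sets: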
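# Claimed NIST level 1. The public key (261120) is several orders of magnitude
# larger than the ciphertext (96); check protocol message and buffer limits
# before adopting this KEM.
- name: Classic-McEliece-348864
  claimed-nist-level: 1
  claimed-security: IND-CCA2
  length-public-key: 261120
  length-ciphertext: 96
  length-secret-key: 6492
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2 and popcnt.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream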
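# Claimed NIST level 1. Lengths are identical to Classic-McEliece-348864; in
# this file the entries differ only in the extra bmi1 flag for avx2.
- name: Classic-McEliece-348864f
  claimed-nist-level: 1
  claimed-security: IND-CCA2
  length-public-key: 261120
  length-ciphertext: 96
  length-secret-key: 6492
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2, popcnt and bmi1.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
      - bmi1
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream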
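# Claimed NIST level 3. Named in the advisories list: fails memory leak
# testing on x86-64 when built with clang at -O2 and -O3.
- name: Classic-McEliece-460896
  claimed-nist-level: 3
  claimed-security: IND-CCA2
  length-public-key: 524160
  length-ciphertext: 156
  length-secret-key: 13608
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2 and popcnt.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream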
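# Claimed NIST level 3. Named in the advisories list: fails memory leak
# testing on x86-64 when built with clang at -O2 and -O3. Lengths match
# Classic-McEliece-460896; avx2 additionally requires bmi1.
- name: Classic-McEliece-460896f
  claimed-nist-level: 3
  claimed-security: IND-CCA2
  length-public-key: 524160
  length-ciphertext: 156
  length-secret-key: 13608
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2, popcnt and bmi1.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
      - bmi1
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream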
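# Claimed NIST level 5. The public key length (1044992) dominates every other
# object here; check protocol message and buffer limits.
- name: Classic-McEliece-6688128
  claimed-nist-level: 5
  claimed-security: IND-CCA2
  length-public-key: 1044992
  length-ciphertext: 208
  length-secret-key: 13932
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2 and popcnt.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream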
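# Claimed NIST level 5. Lengths are identical to Classic-McEliece-6688128; in
# this file the entries differ only in the extra bmi1 flag for avx2.
- name: Classic-McEliece-6688128f
  claimed-nist-level: 5
  claimed-security: IND-CCA2
  length-public-key: 1044992
  length-ciphertext: 208
  length-secret-key: 13932
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2, popcnt and bmi1.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
      - bmi1
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream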
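# Claimed NIST level 5. Named in the advisories list: fails memory leak
# testing on x86-64 when built with clang at -O2 and -O3.
- name: Classic-McEliece-6960119
  claimed-nist-level: 5
  claimed-security: IND-CCA2
  length-public-key: 1047319
  length-ciphertext: 194
  length-secret-key: 13948
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2 and popcnt.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream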
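# Claimed NIST level 5. Named in the advisories list: fails memory leak
# testing on x86-64 when built with clang at -O2 and -O3. Lengths match
# Classic-McEliece-6960119; avx2 additionally requires bmi1.
- name: Classic-McEliece-6960119f
  claimed-nist-level: 5
  claimed-security: IND-CCA2
  length-public-key: 1047319
  length-ciphertext: 194
  length-secret-key: 13948
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2, popcnt and bmi1.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
      - bmi1
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream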
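# Claimed NIST level 5, with the largest public key in this file (1357824);
# check protocol message and buffer limits.
- name: Classic-McEliece-8192128
  claimed-nist-level: 5
  claimed-security: IND-CCA2
  length-public-key: 1357824
  length-ciphertext: 208
  length-secret-key: 14120
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2 and popcnt.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream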
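# Claimed NIST level 5. Lengths are identical to Classic-McEliece-8192128; in
# this file the entries differ only in the extra bmi1 flag for avx2.
- name: Classic-McEliece-8192128f
  claimed-nist-level: 5
  claimed-security: IND-CCA2
  length-public-key: 1357824
  length-ciphertext: 208
  length-secret-key: 14120
  length-shared-secret: 32
  implementations-switch-on-runtime-cpu-features: true
  implementations:
  # Portable implementation, listed for all platforms.
  - upstream-id: clean
    supported-platforms: all
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Absence of secret-dependent branching is neither claimed nor
    # valgrind-checked; treat timing behaviour as unverified.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    # Flagged as large-stack; relevant for threads with small stacks.
    large-stack-usage: true
    upstream: primary-upstream
  # x86_64-only implementation (Linux, Darwin); needs avx2, popcnt and bmi1.
  - upstream-id: avx2
    supported-platforms:
    - architecture: x86_64
      operating_systems:
      - Linux
      - Darwin
      required_flags:
      - avx2
      - popcnt
      - bmi1
    common-crypto:
    - AES: liboqs
    - SHA3: liboqs
    # Same as "clean": no constant-time claim and no valgrind check.
    no-secret-dependent-branching-claimed: false
    no-secret-dependent-branching-checked-by-valgrind: false
    large-stack-usage: true
    upstream: primary-upstream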
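# Explicit empty list (a bare key would parse as null).
auxiliary-submitters: []
# Provenance of the imported code; every implementation entry above refers to
# it through "upstream: primary-upstream".
primary-upstream:
  # NOTE(review): "Public domain" is free text, not an identifier from the
  # SPDX license list, so automated license scanners may not recognise it.
  spdx-license-identifier: Public domain
  # Pinned to a full commit hash rather than a branch or tag name.
  source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852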